This is a malicious application that eavesdrops on users. Please check your phone and remove it immediately.
This application is hidden inside some applications on Google Play. Once installed, it tries to hide on the victim's device behind a gear icon, leading users to mistake it for part of the system.
According to Lab52, this malicious code was previously linked to Turla, a famous hacker group believed to be supported by the Russian state. This group specializes in using custom malware to target European and American systems, mainly for espionage.
After being installed and granted system permissions, the application will steal the victim's data, eavesdrop and track the user's location.
On first launch, this malicious app requests access to location, network status, camera, contacts, external storage, call logs, foreground service, messages, recordings, etc., in order to collect the device's location, send and read texts, access memory, take photos/videos with the camera, and record audio.
After being granted the above permissions, this spyware removes its icon from the screen and silently runs in the background, making it very difficult for users to detect.
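The permission combination described above can be checked for when auditing an app's decoded AndroidManifest.xml. The following is an added example, not code from the original article or from Lab52; the mapping from the article's plain-language list to Android permission names, the threshold of 6 groups, the function names and the com.example package names are all assumptions, and the sample manifests are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
P = "android.permission."

# Assumed mapping of the article's list to Android permission names.
# Network status is left out: nearly every app requests it, so it is no signal.
SURVEILLANCE_GROUPS = {
    "location": {P + "ACCESS_FINE_LOCATION", P + "ACCESS_COARSE_LOCATION"},
    "camera": {P + "CAMERA"},
    "microphone": {P + "RECORD_AUDIO"},
    "contacts": {P + "READ_CONTACTS"},
    "call_log": {P + "READ_CALL_LOG"},
    "sms": {P + "READ_SMS", P + "SEND_SMS"},
    "storage": {P + "READ_EXTERNAL_STORAGE", P + "WRITE_EXTERNAL_STORAGE"},
    "foreground_service": {P + "FOREGROUND_SERVICE"},
}

def audit_manifest(xml_text, threshold=6):
    """Flag a manifest that requests at least `threshold` surveillance groups."""
    root = ET.fromstring(xml_text)
    requested = {el.get(ANDROID_NS + "name") for el in root.iter("uses-permission")}
    hits = sorted(g for g, perms in SURVEILLANCE_GROUPS.items() if perms & requested)
    return {"package": root.get("package"), "groups": hits,
            "flagged": len(hits) >= threshold}

def build_manifest(package, perms):
    """Build a minimal decoded-manifest string (constructed sample input)."""
    uses = "".join(f'<uses-permission android:name="{P}{p}"/>' for p in perms)
    return ('<manifest xmlns:android="http://schemas.android.com/apk/res/android" '
            f'package="{package}">{uses}</manifest>')

# Constructed samples: one app with the full set from the article, one benign app.
SAMPLE_SUSPECT = build_manifest("com.example.settingshelper", [
    "ACCESS_FINE_LOCATION", "ACCESS_NETWORK_STATE", "CAMERA", "READ_CONTACTS",
    "WRITE_EXTERNAL_STORAGE", "READ_CALL_LOG", "FOREGROUND_SERVICE",
    "READ_SMS", "SEND_SMS", "RECORD_AUDIO"])
SAMPLE_BENIGN = build_manifest("com.example.flashlight",
                               ["CAMERA", "FOREGROUND_SERVICE", "ACCESS_NETWORK_STATE"])

if __name__ == "__main__":
    for sample in (SAMPLE_SUSPECT, SAMPLE_BENIGN):
        print(audit_manifest(sample))
```

A flag from this check only means the app warrants a closer look, since legitimate apps can also request many of these permissions.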
This malware was discovered lurking in the Roz Dhan: Earn Wallet cash app on the Google Play Store.
If you have installed it by mistake, please remove this application immediately by going to Settings -> Apps -> Manage apps, find the malicious application name -> click Uninstall.